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CLAIM AMENDMENTS 

Claims 1-21 are pending, wherein claims 18 is currently amended herein. 

1. (original) A MAC (media access control) address-based communication restricting 
method comprising the steps of: 

receiving packet data upon request of communication through at least one port of a plurality 
of ports of an Ethernet switch; 

reading a MAC destination address and a MAC source address included in the received 
packet data; 

detecting, in an address table, access vectors corresponding to the MAC destination and 
source addresses; and 

denying access if the access vectors of the MAC destination and source addresses are not 
matched. 

2. (original) The method as set forth in claim 1, further comprising steps of: 
configuring an anti-hacker table comprising information pertaining to a plurality of client 

nodes and a plurality of server nodes of a network, wherein each client node is identified by a 
corresponding MAC address, a corresponding host identification and a corresponding IP (Internet 
protocol) address, and each server node is identified by a corresponding MAC address, a 
corresponding host identification and a corresponding IP (Internet protocol) address; 

determining whether the received MAC source address is stored in said address table; 

configuring an address entry for said received MAC source address when it is determined that 
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said MAC source address is not stored in said address table and identifying said received MAC 

source address as a new MAC source address; 

determining whether said new MAC source address is stored in said anti-hacker table; and 
storing the configured address entry for said received MAC source address in said address 

table when it is determined that said new MAC source address is not stored in said anti-hacker table. 

3. (original) The method as set forth in claim 2, further comprising steps of: 

adding a port number, corresponding to the port through which said packet data was received, 
to a storage area corresponding to said new MAC source address in said anti-hacker table, when it 
is determined that said new MAC source address is stored in said anti-hacker table; 

modifying an access vector included in said configured address entry for said new MAC 
source address, to set security; and 

storing the configured address entry including the modified access vector for said new MAC 
source address in said address table. 

4. (previously presented) A packet switch restricting MAC (media access control) address- 
based communication, comprising: 

a host providing overall control to the packet switch and executing commands input to the 
packet switch; 

at least one MAC port performing MAC control operations and outputting a transmit/receive 
command of a data packet; 

a transmission/reception controller receiving said transmit/receive command; 
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g a data exchange controlled by said transmission/reception controller, said data exchange 

9 establishes paths of data and control signals between the host, the MAC port and a packet memory; 
i o said packet memory storing received data packets, said packet memory including a port table 

1 1 and an address table; 

12 said port table storing information about a current status of the packet switch, port attributes 

13 enable/disable, and packet reception completion of each MAC port; and 

14 said address table storing registered MAC addresses, source access vectors corresponding 

15 to source MAC addresses of said registered MAC addresses and destination access vectors 
le corresponding to destination MAC addresses of said registered MAC addresses. 

1 5. (previously presented) The packet switch as set forth in claim 4, said packet memory 

2 including further a packet descriptor storing information about each packet stored in the packet 

3 memory. 

1 6. (previously presented) The packet switch as set forth in claim 5, wherein said packet 

2 information comprises packet connection information. 

1 7. (previously presented) The packet switch as set forth in claim 4, further comprising a 

2 search memory storing information by which a MAC port, corresponding to the destination MAC 

3 address of a received data packet, is determined for data packet output. 

i 8. (previously presented) The packet switch as set forth in claim 7, wherein said 
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transmission/reception controller temporarily stores received data packets, accesses said search 
memory, checks whether the destination MAC address in a header of the received data packet has 
been registered, locates where the registered destination MAC address is stored in the address table, 
and determines a MAC port through which the received data packet is to be output. 

9. (previously presented) The packet switch as set forth in claim 4, wherein said host 
includes an anti-hacker table comprising information pertaining to a plurality of client nodes and a 
plurality of server nodes of a network, wherein each client node is identified by a corresponding 
MAC address, a corresponding host identification and a corresponding IP (Internet protocol) address, 
and each server node is identified by a corresponding MAC address, a corresponding host 
identification and a corresponding IP (Internet protocol) address. 

10. (previously presented) The packet switch as set forth in claim 4, wherein said 
transmission/reception controller receives a data packet upon request of communication through the 
MAC port, reads the destination MAC address and source MAC address included in the received 
data packet, detects the destination access vector corresponding to the destination MAC address and 
the source access vector corresponding to the source MAC address, and denies the requested 
communication if the destination access vector and the source access vector do not match. 

11. (previously presented) The packet switch as set forth in claim 10, wherein said 
transmission/reception controller determines whether the received source MAC address is stored in 
said address table, configures an address entry for said received source MAC address when it is 
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determined that said source MAC address is not stored in said address table and identifies said 
received source MAC address as a new source MAC address. 

12. (previously presented) The packet switch as set forth in claim 11, wherein said 
transmission/reception controller determines whether said new source MAC address is stored in said 
anti-hacker table, and stores the configured address entry for said received source MAC address in 
said address table when it is determined that said new source MAC address is not stored in said anti- 
hacker table. 

13. (previously presented) The packet switch as set forth in claim 11, wherein said 
transmission/reception controller adds a port number, corresponding to the MAC port through which 
said data packet was received, to a storage area corresponding to said new source MAC address in 
said anti-hacker table, when it is determined that said new MAC source address is stored in said anti- 
hacker table, modifies an access vector included in said configured address entry for said new source 
MAC address, to set security, and stores the configured address entry including the modified access 
vector for said new source MAC address in said address table. 

14. (previously presented) A method of restricting MAC (media access control) address- 
based communication through a packet switch, said method comprising steps of: 

storing source MAC addresses and destination MAC addresses in an address table; 
storing source access vectors in said address table, said source access vectors respectively 
corresponding to said source MAC addresses; 
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storing destination access vectors in said address table, said destination access vectors 
respectively corresponding to said destination MAC addresses; 

comparing, upon receipt of a data packet, one of said source access vectors corresponding 
to a source MAC address received in a header of said data packet, to one of said destination access 
vectors corresponding to a destination MAC address received in said header of said data packet; and 

preventing said MAC address-based communication when the compared source access vector 
does not match the destination access vector. 

15. (previously presented) The method as set forth in claim 14, said comparing step 
comprising steps of: 

extracting said source MAC address and said destination MAC address from said header of 
said data packet; 

determining whether said source MAC address and said destination MAC address are stored 
in said address table; and 

when it is determined that said source MAC address and said destination MAC address are 
stored in said address table, reading the source access vectors corresponding to said source MAC 
address and the destination access vectors corresponding to a destination MAC address from said 
address table. 

1 6. (previously presented) The method as set forth in claim 1 5, further comprising a step of: 
configuring an anti-hacker table comprising information pertaining to a plurality of client 

nodes and a plurality of server nodes of a network, wherein each client node is identified by a 
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corresponding client MAC address, a corresponding host identification and a corresponding IP 
(Internet protocol) address, and each server node is identified by a corresponding server MAC 
address, a corresponding host identification and a corresponding IP (Internet protocol) address. 

17. (previously presented) The method as set forth in claim 16, further comprising steps of: 
configuring an address entry for the extracted source MAC address when it is determined that 

said source MAC address is not stored in said address table and identifying the extracted source 

MAC address as a new source MAC address; 

determining whether said new source MAC address is stored in said anti-hacker table; and 
storing the configured address entry for said extracted source MAC addresses in said address 

table when it is determined that said new source MAC address is not stored in said anti-hacker table. 

18. (currently amended) The method as set forth in claim [[1 9]] 17, further comprising steps 

of: 

adding a port number, corresponding to a port through which said data packet was received, 
to a storage area corresponding to said new source MAC address in said anti-hacker table, when it 
is determined that said new source MAC address is stored in said anti-hacker table; 

modifying an access vector, included in said configured address entry, for said new source 
MAC address, to set security; and 

storing the configured address entry including the modified access vector for said new source 
MAC address in said address table. 
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19. (previously presented) A MAC (media access control) address-based communication 
restricting method using access vectors stored in an address table, wherein the access vectors indicate 
whether two nodes, corresponding to a source address and a destination address, may access each 
other, the method comprising steps of: 

receiving packet data upon request of communication through at least one port of a plurality 
of ports of an Ethernet switch; 

reading a received MAC destination address and a received MAC source address included 
in the received packet data; 

detecting, in the address table, an access vector corresponding to the received MAC 
destination address and an access vector corresponding to the received MAC source address; and 

denying access if the access vector of the received MAC destination address does not match 
the access vector of the received MAC source address. 

20. (previously presented) The method as set forth in claim 1 9, further comprising steps of: 
configuring an anti-hacker table comprising information pertaining to a plurality of client 

nodes and a plurality of server nodes of a network, wherein each client node is identified by a 
corresponding MAC address, a corresponding host identification and a corresponding IP (Internet 
protocol) address, and each server node is identified by a corresponding MAC address, a 
corresponding host identification and a corresponding IP (Internet protocol) address; 

determining whether the received MAC source address is stored in said address table; 

configuring an address entry for said received MAC source address when it is determined that 
said received MAC source address is not stored in said address table and identifying said received 
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MAC source address as a new MAC source address; 

determining whether said new MAC source address is stored in said anti-hacker table; and 
storing the configured address entry for said received MAC source address in said address 

table when it is determined that said new MAC source address is not stored in said anti-hacker table. 

2 1 . (previously presented) The method as set forth in claim 20, further comprising steps of: 

adding a port number, corresponding to the port through which said packet data was received, 
to a storage area corresponding to said new MAC source address in said anti-hacker table, when it 
is determined that said new MAC source address is stored in said anti-hacker table; 

modifying an access vector included in said configured address entry for said new MAC 
source address, to set security; and 

storing the configured address entry including the modified access vector for said new MAC 
source address in said address table. 
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